Damn Vulnerable Restaurant is an intentionally vulnerable Web API game for learning and training purposes dedicated to developers, ethical hackers and security engineers.
License: GNU General Public License v3.0
┌──(root㉿kali)-[/opt/Damn-Vulnerable-RESTaurant-API-Game]
└─# ./start_app.sh
docker: 'compose' is not a docker command.
See 'docker --help'
howdy!
➜ Damn-Vulnerable-RESTaurant-API-Game git:(main) ✗ system_profiler SPSoftwareDataType SPHardwareDataType
Software:
System Software Overview:
System Version: macOS 14.3.1 (23D60)
Kernel Version: Darwin 23.3.0note: using colima (Mac OS container runtime) instead of Docker desktop, follow the instructions "Running the Application - Ethical Hackers Approach"
➜ Damn-Vulnerable-RESTaurant-API-Game git:(main) ✗ chmod +x ./start_app.sh
➜ Damn-Vulnerable-RESTaurant-API-Game git:(main) ✗ sudo ./start_app.sh
WARN[0000] /Users/adam/git/Damn-Vulnerable-RESTaurant-API-Game/docker-compose.yml: `version` is obsolete
[+] Running 1/0
✔ Container damn-vulnerable-restaurant-api-game-db-1 Creat... 0.0s
Attaching to db-1, web-1
db-1 | chown: /var/lib/postgresql/data: Permission denied
db-1 exited with code 1
dependency failed to start: container damn-vulnerable-restaurant-api-game-db-1 exited (1)this looks to be an issue with postgres and not necessarily this docker compose.. i think the script requires updating to run elevated privileges on postgres, see:
any assistance much appreciated, tyia!
Hi,
first, great project!
I wanted to use the Damn-Vulnerable-RESTaurant-API to run an API-Security DAST tool on it, to see how good the DAST tool is in detecting the API vulnerabilities. For this I would need an Postman collection or any similar e2e testing framework.
So I was wondering, do you have any e2e tests written for the Damn-Vulnerable-RESTaurant-API? If not I would want to create one myself, as you already have a swagger UI documentation.
And also, do you have a track or a overview of all the API vulnerabilities which you integrated to the API? With this I could benchmark the report from my security tool.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.